ID de Prueba:	1.3.6.1.4.1.25623.1.0.902916
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2711167)
Resumen:	This host is missing an important security update according to; Microsoft Bulletin MS12-042.
Descripción:	Summary: This host is missing an important security update according to Microsoft Bulletin MS12-042. Vulnerability Insight: The flaws are due to an: - Error in the User Mode Scheduler (UMS) when handling a particular system request can be exploited to execute arbitrary code. - Error in incorrect protection of BIOS ROM can be exploited to execute arbitrary code. Vulnerability Impact: Successful exploitation could allow remote attackers to execute arbitrary code with kernel-mode privileges. Affected Software/OS: - Microsoft Windows 7 x64 Edition Service Pack 1 and prior - Microsoft Windows XP x32 Edition Service Pack 3 and prior - Microsoft Windows 2K3 x32 Edition Service Pack 2 and prior - Microsoft Windows Server 2008 x64 Edition Service Pack 1 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 8.3 CVSS Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0217 Cert/CC Advisory: TA12-164A http://www.us-cert.gov/cas/techalerts/TA12-164A.html CERT/CC vulnerability note: VU#649219 http://www.kb.cert.org/vuls/id/649219 Debian Security Information: DSA-2501 (Google Search) http://www.debian.org/security/2012/dsa-2501 Debian Security Information: DSA-2508 (Google Search) http://www.debian.org/security/2012/dsa-2508 https://www.exploit-db.com/exploits/28718/ https://www.exploit-db.com/exploits/46508/ FreeBSD Security Advisory: FreeBSD-SA-12:04 http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc http://security.gentoo.org/glsa/glsa-201309-24.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html Microsoft Security Bulletin: MS12-042 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042 NETBSD Security Advisory: NetBSD-SA2012-003 http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596 http://secunia.com/advisories/55082 Common Vulnerability Exposure (CVE) ID: CVE-2012-1515 BugTraq ID: 52820 http://www.securityfocus.com/bid/52820 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15209 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17110 http://www.securitytracker.com/id?1026875 XForce ISS Database: vmware-esxserver-io-privilege-escalation(74480) https://exchange.xforce.ibmcloud.com/vulnerabilities/74480
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.